我想为每个被禁用和移动的AD帐户创建一个.csv文件,该文件具有移动对象的$account.Distingushed名称和移动对象所来自的$OU.Distinguished名称。
处理这个问题的最佳方法是什么?
$OUs | Where-Object{$excludeOUS -notcontains $_.DistinguishedName } | Foreach-Object {
$params = @{}
$params = @{
SearchBase = [String]$_.DistinguishedName
SearchScope = [String]"OneLevel"
AccountInactive = $true
TimeSpan = ([timespan]$days)
Verbose = $true
}
If($users) {
$params.Add("UsersOnly",$true)
}
ElseIf($computers) {
$params.Add("ComputersOnly",$true)
}
$accounts = Search-ADAccount @params
foreach ($account in $accounts) {
$params = @{}
$params = @{
Identity = [string]$account.DistinguishedName
Verbose = $true
}
If ($noDisable -notcontains $account.Name -and $account.ObjectClass -eq "User" ) {
Disable-ADAccount @params @whatIf
$params.Add("Description",$description)
Set-ADUser @params @WhatIf
$params.Remove('Description')
$params.Add("TargetPath", 'OU=Disabled Users,DC=test,DC=local')
Move-ADObject @params @WhatIf
# Somehow Export $account.DistinghuisedName and $OU.Distinguished name to .csv???
}
ElseIf ($noDisable -notcontains $account.Name -and $account.ObjectClass -eq "Computer") {
Disable-ADAccount @params @whatIf
$params.Add("Description",$description)
Set-ADComputer @params @WhatIf
$params.Remove('Description')
$params.Add("TargetPath", 'OU=Disabled Computers,DC=test,DC=local')
Move-ADObject @params @WhatIf
# Somehow Export $account.DistinghuisedName and $OU.Distinguished name to .csv???
}
}
}
您可以尝试下面的代码(未经测试(。
设置csvPath、ouDistinguishedName和accountDistinguisedName的变量。
您可以将这些变量添加到对象中并导出到csv。我使用了$帐户。名称为csv名称,但您可以使用其他名称。
$csvPath = "c:temp"
$OUs | Where-Object { $excludeOUS -notcontains $_.DistinguishedName } | Foreach-Object {
$ouDistinguishedName = $_.DistinguishedName
$params = @{ }
$params = @{
SearchBase = [String]$_.DistinguishedName
SearchScope = [String]"OneLevel"
AccountInactive = $true
TimeSpan = ([timespan]$days)
Verbose = $true
}
If ($users) {
$params.Add("UsersOnly", $true)
}
ElseIf ($computers) {
$params.Add("ComputersOnly", $true)
}
$accounts = Search-ADAccount @params
foreach ($account in $accounts) {
$accountDistinguishedName = $account.DistinguishedName
$accountName = $account.Name
$params = @{ }
$params = @{
Identity = [string]$account.DistinguishedName
Verbose = $true
}
If ($noDisable -notcontains $account.Name -and $account.ObjectClass -eq "User" ) {
Disable-ADAccount @params @whatIf
$params.Add("Description", $description)
Set-ADUser @params @WhatIf
$params.Remove('Description')
$params.Add("TargetPath", 'OU=Disabled Users,DC=test,DC=local')
Move-ADObject @params @WhatIf
# Somehow Export $account.DistinghuisedName and $OU.Distinguished name to .csv???
$objectProperty = @{}
$objectProperty.Add('Account',$accountDistinguishedName)
$objectProperty.Add('OU',$ouDistinguishedName)
$object = New-Object -TypeName psobject -Property $objectProperty
$object | Export-Csv "$csvPath$accountName.csv" -NoTypeInformation
}
ElseIf ($noDisable -notcontains $account.Name -and $account.ObjectClass -eq "Computer") {
Disable-ADAccount @params @whatIf
$params.Add("Description", $description)
Set-ADComputer @params @WhatIf
$params.Remove('Description')
$params.Add("TargetPath", 'OU=Disabled Computers,DC=test,DC=local')
Move-ADObject @params @WhatIf
# Somehow Export $account.DistinghuisedName and $OU.Distinguished name to .csv???
$objectProperty = @{}
$objectProperty.Add('Account',$accountDistinguishedName)
$objectProperty.Add('OU',$ouDistinguishedName)
$object = New-Object -TypeName psobject -Property $objectProperty
$object | Export-Csv "$csvPath$accountName.csv" -NoTypeInformation
}
}
}
您甚至可以直接将其导出为哈希表:
@{"Account" = $accountDistinguishedName; "OU" = $ouDistinguishedName}.GetEnumerator() | Export-Csv "$($csvpath)$($accountname)" -NoTypeInformation
我想通了!
$acctsCSV = @(
[pscustomobject]@{
Account = [string]$account.Name
OU = [string]$OU.DistinguishedName
}
)
$acctsCSV | Export-Csv -Path $filePath -NoTypeInformation